CVE-2018-1197

HIGH

8.5

CVSS Severity Score

EPSS Score0.0070%

EPSS Percentile18.21th

PublishedMar 19, 2018

Last ModifiedNov 21, 2024

Vulnerability Description

In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials.

Affected Platforms (CPE)

📦

Pivotal Software

Windows Stemcells

< 1200.14

References & Advisories

🔗 https://www.cloudfoundry.org/blog/cve-2018-1197/

Related Vulnerabilities

CVE-2018-12766.5

Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with ...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...